Re: Access Control for AtomPub
Paul Fremantle <pzfreo@gmail.com> Wed, 19 January 2011 19:20 UTC
Return-Path: <owner-atom-syntax@mail.imc.org>
X-Original-To: ietfarch-atompub-archive@core3.amsl.com
Delivered-To: ietfarch-atompub-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 018B73A71A6 for <ietfarch-atompub-archive@core3.amsl.com>; Wed, 19 Jan 2011 11:20:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.046
X-Spam-Level:
X-Spam-Status: No, score=-2.046 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_COM=0.553]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vJrDIrLTY1qX for <ietfarch-atompub-archive@core3.amsl.com>; Wed, 19 Jan 2011 11:20:23 -0800 (PST)
Received: from hoffman.proper.com (Hoffman.Proper.COM [207.182.41.81]) by core3.amsl.com (Postfix) with ESMTP id B4ED43A71A5 for <atompub-archive@ietf.org>; Wed, 19 Jan 2011 11:20:23 -0800 (PST)
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0JJF71P011612 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 19 Jan 2011 12:15:07 -0700 (MST) (envelope-from owner-atom-syntax@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p0JJF6D5011611; Wed, 19 Jan 2011 12:15:06 -0700 (MST) (envelope-from owner-atom-syntax@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-atom-syntax@mail.imc.org using -f
Received: from mail-ew0-f43.google.com (mail-ew0-f43.google.com [209.85.215.43]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0JJF4jd011601 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=FAIL); Wed, 19 Jan 2011 12:15:05 -0700 (MST) (envelope-from pzfreo@gmail.com)
Received: by ewy22 with SMTP id 22so679024ewy.16 for <multiple recipients>; Wed, 19 Jan 2011 11:15:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=JPpADwn/o4BR5FCj0yNFru4JQVVKmp0k30pkB0N581U=; b=DWUY0f6qkVIc1n/upz8vFPKkv4AGUx7bFXcfj/umdMJRW5HcALwsRWRG+/LD4QRPkU tiwSdy5uMbxhHVc5w+wihcUxCORSZmEErkqTSGuq3r8UUCJE/fqN4BvPLHtsmtCwXdZ1 LeVrlz+3nmQLx7E5uETC9s2MhVrxUr4387aqY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=r92PCB3eIEBxd/FycCoHUVlWhu3J0KbZNg/0wDNlj+rDYLrGUdBID85Z6idRlynJEL a+l1IKGhpQMiaeQSMH3+ABO1VBDk5wbybGIBPXxf3erSlQuSLsIEIQns1s+XMCk2YDjA zXEWn7xKnFMRZf8NBxcaUSaIacpy/seZt2+tw=
MIME-Version: 1.0
Received: by 10.213.22.209 with SMTP id o17mr1576928ebb.41.1295464503480; Wed, 19 Jan 2011 11:15:03 -0800 (PST)
Received: by 10.213.22.130 with HTTP; Wed, 19 Jan 2011 11:15:03 -0800 (PST)
In-Reply-To: <20110119175151.GB5578@aliman-desktop>
References: <20110119175151.GB5578@aliman-desktop>
Date: Wed, 19 Jan 2011 19:15:03 +0000
Message-ID: <AANLkTikEQ7-85j2KiJ=213xrekufGt0wuthZ=SjGJqQZ@mail.gmail.com>
Subject: Re: Access Control for AtomPub
From: Paul Fremantle <pzfreo@gmail.com>
To: Alistair Miles <alimanfoo@googlemail.com>
Cc: atom-protocol@imc.org, atom-syntax@imc.org
Content-Type: text/plain; charset="ISO-8859-1"
Sender: owner-atom-syntax@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/atom-syntax/mail-archive/>
List-Unsubscribe: <mailto:atom-syntax-request@imc.org?body=unsubscribe>
List-ID: <atom-syntax.imc.org>
WSO2 Governance Registry (http://wso2.org/library/governance-registry) is an Open Source registry/repository that implements fine-grained access control for Atom/AtomPub. We use Apache Shindig as the AtomPub implementation and have added access control. Paul On Wed, Jan 19, 2011 at 5:51 PM, Alistair Miles <alimanfoo@googlemail.com> wrote: > > Hi all, > > Apologies for mailing both atom-* lists, I wasn't sure which was the right > forum for this. > > With colleagues at the University of Oxford, I've been doing some work on > access control for atompub-based data repositories. We have a vanilla atompub > implementation called AtomBeat, which has a security plugin that supports > fine-grained access control policies via access control lists. There's some > documentation at: > > http://code.google.com/p/atombeat/wiki/TutorialAccessControl > > I guess I'm emailing because I'd be very interested to hear from anyone > who's done any work on authorization and access control for systems based > on atompub. This stuff isn't easy, and I'd really appreciate any insights > or experience or links to discussions or existing implementation work. > > Other relevant work I'm aware of is the work on access control in CMIS [1] > (which I need to study in more detail, haven't fully understood yet), the > various bits of the GData APIs that support access control (e.g., calendar > API [2]), and a discussion of feed access control and licensing on rss-public > from 2006 [3] ... please let me know if I'm missing anything major. > > Cheers, > > Alistair > > [1] http://docs.oasis-open.org/cmis/CMIS/v1.0/os/cmis-spec-v1.0.html > [2] http://code.google.com/apis/calendar/data/2.0/developers_guide_protocol.html#SharingACalendar > [3] http://tech.groups.yahoo.com/group/rss-public/message/724 > > -- > Alistair Miles > Head of Epidemiological Informatics > Centre for Genomics and Global Health <http://cggh.org> > The Wellcome Trust Centre for Human Genetics > Roosevelt Drive > Oxford > OX3 7BN > United Kingdom > Web: http://purl.org/net/aliman > Email: alimanfoo@gmail.com > Tel: +44 (0)1865 287669 > > -- Paul Fremantle Co-Founder and CTO, WSO2 Apache Synapse PMC Chair OASIS WS-RX TC Co-chair blog: http://pzf.fremantle.org paul@wso2.com "Oxygenating the Web Service Platform", www.wso2.com
- Access Control for AtomPub Alistair Miles
- Re: Access Control for AtomPub Paul Fremantle
- Re: Access Control for AtomPub Alistair Miles
- Re: Access Control for AtomPub Paul Fremantle